Fake Zoom installers infect PCs with RevCode WebMonitor RAT

The coronavirus-led lockdown has forced people to work from homes. Remote working involves using a mixture of video recording-conferencing and communicating mediums like Zoom or Microsoft Teams. This compulsion has provided cybercriminals the perfect opportunity to fulfill their malicious activities more turbulently.

That's why Zoom is being actively targeted by hackers in the last fewer weeks. These attacks require Zoomboming or spreading malware hidden in counterfeit Zoom apps. And now, Trend Micro has identified yet another tone-beginning campaign targeting Zoom users.

Accordant to Trend Micro cybersecurity researchers, cybercriminals are using spiteful Zoom installers to stagger RevCode WebMonitor RAT (remote access tool). However, researchers have confirmed that these installers, although genuine, doesn't come from official sources such A Google Play, Apple App Store, Oregon Whizz's official download center.

See: Over half a million Zoom accounts existence sold on hacker forum

The infective Soar installers are available at third-party websites and victims are sent poisonous links via phishing emails. This campaign is somewhat synonymous to another campaign that was discovered in April. In that campaign, legit Zoom installers were used to infect devices with a cryptocurrency miner.

In the new campaign, cybercriminals have repackaged genuine Rapid growth installers with WebMonitor Bum. When someone downloads ZoomInstallerexe, which contains an clean Zoom installer version 4.6 and the malicious RevCode WebMonitor RAT, the device gets infected with the Shop.

Upon infection, according to Trend Micro's blog Post, information technology allows the attacker to gain remote of the device and spy on the user via webcam streaming, keylogging, and screen capturing.

RevCode WebMonitor RAT's website where hackers sell the software program

Amidst new concerns complete the use of Zoom for remote working, Zoom has updated its OS to version 5.0, which is touted to be far superior to the older versions in terms of privacy and security.

If you use Zoom, make a point it's updated to the latest version entirely consumption legitimate distribution channels like Google Play to download Zoom. Moreover, install and run down your device with authentic antivirus software.

Did you savor interpretation this article? Like our Page onFacebookand follow us onTwitter.

Source: https://www.hackread.com/fake-zoom-installers-infect-pcs-revcode-webmonitor-rat/

Posted by: mckaycaudds.blogspot.com

Share this post